Slashdot Mirror
Feds Unveil Rule Requiring Cars To 'Talk' To Each Other (thehill.com)
An anonymous reader quotes a report from The Hill: The Obama administration released a long-awaited rule on Tuesday requiring all new vehicles to have communication technology that allows them to "talk" to each another, which officials say could prevent tens of thousands of crashes each year. The proposal calls for all new light-duty cars and trucks to eventually be equipped with vehicle-to-vehicle (V2V) technology, a safety system that enables cars to send wireless signals to each other, anticipate each other's moves and thus avoid crashes. The rule would require 100 percent of new vehicle fleets to have V2V technology within four years of the final rule's enactment. The proposal will be open for public comment for 90 days. The connected vehicle rule builds on previous work by the outgoing administration to accelerate the deployment of innovative safety technology. The Department of Transportation released the first-ever federal guidelines for driverless cars in September. "We are carrying the ball as far as we can to realize the potential of transportation technology to save lives," said Transportation Secretary Anthony Foxx. "This long-promised V2V rule is the next step in that progression. Once deployed, V2V will provide 360-degree situational awareness on the road and will help us enhance vehicle safety." Officials say V2V has the potential to mitigate 80 percent of non-impaired crashes and can interact with other crash avoidance systems, like automatic braking. V2V uses dedicated short-range radio communications to exchange messages about a car's speed, direction and location. The system uses that information from other vehicles to identify potentials risks and warn its driver. A pair of Democratic senators called on the agency to ensure that vehicles have "robust" cybersecurity and privacy protections in place before automakers deploy V2V.
Let's attach a unique ID transmitter to every car in America!
But I sure don't want a self-driving car that pays more than the most cursory attention to V2V data. Using it to determine whether the freeway is blocked ahead is fine. Using it for much of anything else is a horrible idea.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
You can't secure a system like that. I could totally cause gridlock by sending a fake signal a distance away and causing a vehicle to brake hard without warning.
This is going to be abused. People will have so much fun with this, it'll be unreal. Imagine a little box you can buy/build that spoofs a vehicle system and tricks all the cars in a 100 meter radius into executing an emergency stop...
Damn if that weasel wording doesn't sound straight from Sir Humphrey Applegate:
Almost anything can be attacked as a loss of X, and almost anything can be defended as not a significant loss of X, which seems to signify that one should appreciate the significance of significant.
1. How much 'potential'?
2. By how much would each crash be 'mitigated'?
3. How does the cost of this compare to the cost that it would save?
So much for privacy - your car will be beaming "Hey, this guy is going 2 mph over the speed limit!" to every cop in 20 miles.
Bow down to your masters in Washington DC!
will be over. More than 20 million were killed in car accidents in the 21st century alone.
This is going to be abused. People will have so much fun with this, it'll be unreal. Imagine a little box you can buy/build that spoofs a vehicle system and tricks all the cars in a 100 meter radius into executing an emergency stop...
Yea, that won't be difficult to extract from a rolled vehicle at all...
Open for comment for 90 days before putting into action at some point in future. Will be required 4 years after that time.
Umm, does Obama realize that Trump will be president before then? Or is his CIA reporting that Russia hacked the election an attempt to say the election was invalid so he could remain president for another 4 years? Seems like a waste of effort, unless he convinced Trump this would be a good idea.
Spoof V2V data, trick car into thinking car in front is braking. Kidnap/rob from target vehicle. Profit.
Silence is a state of mime.
You can see where this is going. 300-car pileups.
"Stratigraphically the origin of agriculture and thermonuclear destruction will appear essentially simultaneous" -- Lee
If and when I get a vehicle with this shit in it I will break it day one. And if the car won't run without it I'll continue top break it until they take the car back or we exchange flying projectiles to the end.
You can build an emitter to force change stop lights that ambulances use, you can throw nails in the road, you can steal stop signs, you can build a short range emp to disable nearby cars, and so on. Everything can be abused. It is a good idea to build safe guards against such but most people don't go out of their way to distrupt traffic for the 'Lulz'. Plus if someone did attempt to use such a device then the near ambiguous presence of cameras even in vehicles could help identify someone that performed that kind of stunt.
Yeah - maybe my age / lameness quotient is starting to show, but this sounds like a horrible idea.
The potential for abuse is staggering.
Maybe people could just pay attention when they drive?
Pandering to the lowest common denominator would be less frequent if more people were prime numbers.
I guess there will be lots of swearing and honking
I don't know anyone has any concrete proposals for how this would work, what each car would transmit, what it would receive, or what it's expected to do with the data.
The problem, as I think about it, is we've got a chicken and the egg problem. I'd love to say that the manufacturers should experiment, try some stuff out, and converge on some recommendations. Problem is, it's kind of useless to have all that expensive gear in my car if no one else does. There'd be no one listening and no one talking to me. So how to get the ball rolling?
Maybe this is the way. Mandate that by 2020 (or whatever) every car must transmit some minimal data. Ignore the tinfoil hat theories about your every move being tracked (it probably is already anyway, thanks to toll bridge transponders and license plate scanners). That will make it much more reasonable to add receivers to cars a few years later, now that a substantial portion of cars are transmitting.
Oh, all this presumes that V2V communication is actually a good thing and worth the cost. Maybe it is, maybe it isn't. It could be a solution looking for a problem. Do we have any reason to believe this is a better way to spend our money instead of making stronger bumpers?
I am extremely worried about this.
1) It will be abused. Period. You know it will contain the VIN or other unique ID. So readers on the side of the road will be monitoring everyone everywhere- where you go, how fast you were going, etc. Endless tickets in the mail.
2) It will be hacked. Period. And once it is, it could cause chaos and devastation on the roads- causing other vehicles to panic and brake, others to swerve, etc. It would be one thing if this data were read-only, but we all know it will be linked into active controls. Road rage weapon. Stupid teenager prank. Whatever.
3) It will be hijacked. With active controls tieins, police cars could use spoofed info as one way to kinda remotely-control other cars. And, of course, if they can do it, so can criminals. It will give a new meaning to the word "carjacking"....
4) It will often be non-upgradable. Car manufacturers have a proven dismal track record on keeping ANYTHING updated on their cars. Once it is sold, they couldn't care less about the vehicle, unless they can somehow turn it into an endless stream of revenue.
Like any technology, there are good things and bad things with each "improvement".
Brake Yourself!
There will be rolled vehicles, but good luck finding the culprit, assuming the perp tosses their device as soon as they can. It is like cellphone jammers, which can be almost impossible to catch unless someone leaves it running long enough for LEOs to get a good fix on.
A pair of Democratic senators called on the agency to ensure that vehicles have "robust" cybersecurity and privacy protections in place before automakers deploy V2V.
Riiiiight....
...his name was Appleby, not Applegate.
This sig left unintentionally blank.
Or some board script-kiddie will send your car into a ditch.
Can someone explain the hypocrisy of not forcing these same smart V2V-enabled cars from simply adhering to the exact speed limit at every moment they are being operated? Oh yes, I guess that would remove the gamesmanship of evading the cops! I've wondered for about two decades why the turnpikes don't just hand out the speeding tickets at the exit booth -- they know the time you entered, and they know the time you exit, so they have all they need....yet they refuse to use the existing data to issue maybe 10,000 speeding tickets per day! (Per state!)
It's a 2001, still under 200K miles, and it has no wireless systems. I am sure I can keep it running a while longer, until this bullshit federal government fucking crap is deep sixed.
This is absolute nonsense, more unfunded mandates from government bureaucrats with nothing better to do.
Cut the goddamn federal government budget in half - now.
You can already abuse tons of things. As usual, there will be a generally decent technology barrier to abuse, and the laws again abuse will be sufficient to keep it an reasonable level. And we make adjustments along the way as appropriate.
Saying something is going to be abused doesn't really add anything. Everything can and will be abused against mechanisms in place to a degree we can live with.
"Old man yells at systemd"
a few lines concern me:
"Officials say V2V has the potential to mitigate 80 percent of non-impaired crashes and can interact with other crash avoidance systems, like automatic braking."
V2V uses dedicated short-range radio communications to exchange messages about a car’s speed, direction and location. The system uses that information from other vehicles to identify potentials risks and warn its driver.
Drivers would be able to turn off the warnings, but not the broadcasts themselves, Foxx said."
1, if you are able to turn off the warnings then what mitigation of the crashes is going to happen.
2. with a SDR (software defined radio) and the specifications of the broadcast, it will be easy enough to spoof a car from the side of the road with a laptop, possibly even a bunch of cars.
number one makes these saftey rules pointless but number 2 is a much greater problem that they are creating. The standards of the communication protocol would have to be made public and if cars are going to just be broadcasting this information, how will there be any sanity checks to see if what your car is receiving is the correct data? no matter how much encryption they put on it, it will eventually be possible to spoof broadcasts from a laptop as if you were in a car.
On the upside, i will finally have a way to slow people down in my area... just set up a bunch of boxes that say there is a 24/7 traffic jam in the area.
The cops will have this "Car stop now!" box FIRST!
Obama's legacy: (N)othing (S)ecure (A)nywhere and (T)error (S)imulation (A)dministration
Unless it transmits a cryptographically-signed VIN as part of the broadcast, and receivers log that VIN to some kind of persistent storage if they rely on its data. It wouldn't necessarily prove that a specific INDIVIDUAL is guilty, but it could ABSOLUTELY pin financial liability on the owner of the vehicle associated with that VIN for negligently allowing a car he owns to spoof bad data.
I know that in Florida, you can't get license plates without registering the VIN, and I'd be shocked if any state DIDN'T require VIN-registration as a condition of getting license plates.
Since realtime certificate lookups are obviously out of the question, they'd probably issue certs good for a year at a time simultaneously with license plate renewal, and cars would be programmed to either ignore, or at least seriously question the validity of, expired certs.
It is like cellphone jammers
Oh good, I was worried for a minute. If it'll be as harmless and rare as cellphone jammers, then I'm not concerned. I've yet to have my cell phone suddenly not work, or have personally heard of this happening to someone.
Now, if it were a problem like spray paint and those asshole taggers, then I'd be concerned.
Such as tinder requests.
How about mandating simple things first. Amazes me driving in shitty weather how may people in new cars drive around in a blizzard without lights on when automatic headlight and/or daytime running lights could easily be implemented on even the cheapest vehicle. No, much better to mandate a multiple thousand dollar safety system than something implementable today for almost nothing. As if there aren't enough reasons for manufactures to jack up car prices.
What would happen if you threw a squaker onto a freeway. "I am braking hard right now!!!!"
Imagine a metro crippled for days by a car to car worm. Or, how about an entire city's autonomous automobile population commanded to layer 1 DDoS a business... "This drive thru line is ridiculous."
Luckily, the peer to peer signaling code will be secure. Especially if the industry rolls their own protocol from scratch. Phew!
"Life is life." --Laibach
It is like cellphone jammers
Oh good, I was worried for a minute. If it'll be as harmless and rare as cellphone jammers, then I'm not concerned. I've yet to have my cell phone suddenly not work, or have personally heard of this happening to someone.
Now, if it were a problem like spray paint and those asshole taggers, then I'd be concerned.
I was in a pub in the UK with no cell signal, absolutely none inside. Go just outside the door, signals totally fine. Could not call a cab from inside the pub. It was an old Tudor building, I doubt it was originally a faraday cage.
In the free world the media isn't government run; the government is media run.
Spoof the VIN of someone you dislike, spam away and they get the blame.
GPG is pretty solid right? Why not have every vehicle sign every message it sends with its private key? Then if you have a bad actor all the other vehicles can blacklist them. And if a hacker starts using multiple disposable generated signatures, the vehicles could use a web of trust to exclude signals from rogue actors, or at least take them with a progressively larger grain of salt.
Thing with V2V is that if someone send a legitimate looking emergency stop signal, then everyone in range will stop. It'll be annoying but no one will run into each other - Especially if they are all sending their own "I'm stopping" messages.
I think if the auto companies build a system that plans to be lied to and decides whether to trust a given message much the way we decide to trust each other or not, this could be a good thing - especially with the AI driving platforms we've already seen, and the ones reportedly in the works.
Its actually a very good idea. In theory.
In actual practice it will be full of easily exploitable security holes, due to the fact that doing actual QA and actually giving two shits about security would cut into profits (ie, the CEO's bonus).
Radio devices can be invisible when concealed in a pocket or trunk. Can you look at a camera and point out the bloke with a cellphone jammer in his pocket in a crowd?
How are the Feds able to mandate this? Seems a large stretch to see how this is associated with interstate commerce, which is about the only mechanism that the Feds can use to make US wide laws.
Light travels faster than sound. This is why some people appear bright until you hear them speak.........
I'm sure the vehicle speed will be among the telemetry data, which will be so useful to LEOs - who will undoubtedly record your data. Why rely on radar when your vehicle will simply narc on you. Maybe some historical data will be available too, so they can nail you for speeding earlier.
It must have been something you assimilated. . . .
> Unless it transmits a cryptographically-signed VIN as part of the broadcast, and receivers log that VIN to some kind of persistent storage if they rely on its data.
And in this day and age, people can clone your car's wireless fob when you use it to open a door. Or clone your SIM card, RFID payment card, and others. Seeing as these boxes would probably be highly illegal to begin with, the users of such will have no problems with the morality of cloning an innocent bystander's vehicle VIN signature.
I thought we already had too many lives, and need to give people basic income instead of jobs. I bet there's some other reason behind the push for dirverless cars. I reckon inorganic slaves will be much easier to manage than the meat versions - initially, at least.
I comment occasionally so that I can mod others -1 overrated or -1 offtopic.
Let's attach a unique ID transmitter to every car in America!
Does it matter? Most people have cell phones on them, so are tracked anyway. When was the last time your phone was more than a metre from you?
Besides, if your car has tire pressure monitors then they emit a radio signal with a unique ID already:
* https://www.schneier.com/blog/archives/2008/04/tracking_vehicl.html
* https://en.wikipedia.org/wiki/Tire-pressure_monitoring_system#Privacy_concerns_with_direct_TPMS
* http://www.rtl-sdr.com/receiving-decoding-tire-pressure-monitor-systems-using-rtl-sdr/
Nope. But if an accident happens and these are short ranged then a simple matter of looking at footage of cameras. Note all the plates and vechiles. Follow up to the owners of the cars. Any with a tech background or criminal history then search their purchases. See if any similiar accidents have happened before. It will unlikely not be traceable in some form or another, especially if someone is doing it for fun which will only lead to them leaving more evidence of them doing it in other places.
Man, lately I've been having a hard time imagining the thought process of feds, government administrators, and people in charge of proposing policies like that.
How can they extol the supposed advantages of a system like that so much without giving a single thought - or thinking that people won't - of all the horrible potential dangers of it?
Like, dang dude, I could have a very nice adrenaline surge in my system which would feel nice and be potentially benefitial to my health if I jumped out of my balcony right now from the 20th floor or something... *silence*
I mean, let's all ignore how regular non connected car systems were already hacked, how dangerous it'd be to make it obligatory for car companies to have a system in place, the track record of car systems' security and then overall IoT, the history of unwarranted fed tracking and spying... let's save lives by forcing everyone to wear short choke chains to be controled remotely by proprietary closed software no one has access to and hackers would eventually find a way of taking control. It's not like we have weekly reminders on how badly companies handle security.
Already do. There was a discussion a few years back about how some of the newer ECUs were getting gigabytes of flash memory to retain telemetry data from the PCM and subsystems and recording it for later retrieval during dealer service (Dealer extensions, OBD-II proper doesn't have provisions for storing/retrieving that much data, AFAIK.)
Given a long enough period of recordings, that data could tell FAR more about you than you'd ever want others to know, and now they are moving that to broadcast telemetry which ANYONE could snoop within range, and anyone moneyed enough could snoop in every major public space. (Imagine google adding recieves/getting peering arrangements at major intersections/along thoroughfares, and combining it with telemetry from your cell phone to identify the occupants of any particular car. Tons of marketing opportunities there, especially with smart billboards.)
Cool. So people with malicious intent only need to invalidate a cert of a real car to make other cars not trust that it actually exists, and it will still cause chaos.
People will have so much fun with this, it'll be unreal. Imagine a little box you can buy/build that spoofs a vehicle system and tricks all the cars in a 100 meter radius into executing an emergency stop..
Woudn't it be more secure and effective to have a radar/lidar type detector detect an imminent crash and apply brakes?
So kind of like the Internet. Full of easily exploitable security holes. So obviously like the Internet we simply shouldn't do it right?
You can already abuse tons of things. As usual, there will be a generally decent technology barrier to abuse, and the laws again abuse will be sufficient to keep it an reasonable level. And we make adjustments along the way as appropriate.
Saying something is going to be abused doesn't really add anything. Everything can and will be abused against mechanisms in place to a degree we can live with.
This argument is non-falsifiable.
Parent provided a specific scenario about spoofing signals that can be falsified and the merits of his specific argument weighed.
What you have done is discounted his specific scenario by saying "you can already abuse a ton of things" This concept cannot be falsified. The same argument can just as easily be used to justify giving a Windows XP computer with no services packs a public IP address.
Bingo. And these simple minded examples are easily accounted for by anyone with even an bit of intelligence. Cars that appear out of 'Nowhere' is easy to fix. Then have the V2V simply ignore phantom signals unless they have been accounted for already, maybe a warning than automatic braking with the source listed as suspect or uncertain. If V2V is there for an aid than a guaranteed prevention I have no problem it ignoring signals that suddenly appear. Maybe even a reporting mechanism that can be volunteered by the owner to help identify any miscreants that are using such a device.
It's adding more and more crap like this to new cars that keeps them from getting cheaper over time. The average new car (in constant dollars) has actually gotten about 30% more expensive since 1980, while the price of a new PC has plummeted.
In 4 years, every car is supposed to have one and they detect all cars within 1000 yards, 10 times a second. Imagine a place like a multi-story car park in Manhattan. So then, the question: How much computing power would you need to make this all happen?
What's this V2V thing going to cost? Like airbags, this could be one of the more safety critical components on a car. Designing for safety and robustness doesn't come cheap.
The FAA did a similar order mandating all aircraft have ADS-B transponders. That capability costs upwards of $3k per Cessna 172 type aircraft.
Don't forget they were testing this tech out on people like Michael Hastings, who they killed.
Someone high up don't like you? They can now mandatory suicide you because your car will have this "nice tech"
How about instead they unveil a rule requiring vehicle computers and wireless electronics systems be secure first?
Why are pedestrians, pets, bikes, and wildlife being left out?
This is why I keep buying older cars and refurbishing them instead of buying new. You can build a truly awesome retro (or late model) vehicle for half the price of anything new with comparable specs. There is no "new car" feature you cannot add to an older vehicle with aftermarket equipment, and as regulations like this start coming out, all the more reason to drive an older sled. No state has succeeded (and few have even tried) to legislate older cars off the road because it disenfranchises the poor, so this tactic should work right up to the point when the Feds finally mandate next-generation vehicles (which do not exist yet, frankly).
Now, if you'll excuse me, I have backups to corrupt.
Once someone breaks the encryption on these things, they will make clones of the devices. Get the device small enough to fit on a drone and you have a recipe for mayhem, lol. You program your drone to fly around and cause havoc til the battery dies. If someone is looking to cause problems such that people may die, they won't worry about recovering the drone, so no controller to track it back to. Just make sure no fingerprints on the parts and you're good.
Buy a new car each 2-3 years as updates will stop after 2-3 years and the car manufacturers will say want to keep legal buy a new car or an 2-3K computer upgrade each 2-3 years.
As long as there is no data roaming or overages fees.
Aren't they co-located with the NSA???
If you treat cars like a swarm system, yes, vehicles need v2v. We do it on our drone system (p2p mesh network) since jamming and RF bandwidth limitations don't allow functional safety to work if it was centralized (which is very common on wired systems).
If device maneuver errors occur. and I do have and accident, I feel the burden of proof of innocence will be on me, Or what if the software prevents me from evasive action even though I'm right in judgement, and I crash? Also what if someone tampers with the software and causes a chain of accidents for fun??
Oh boy. I can't wait to start hacking other vehicles to order them to get out of my way. A nice side benefit to this is that eventually (and likely sooner rather than later) there will be a lot less vehicles on the roads.
I'm an American. I love this country and the freedoms that we used to have.
If I ever purchase a car with this capabiility, I will immediately physically disable it. This whole concept is stupid. No one should rely on the other vehicles telemetry to operate. In fact, there are self-driving prototypes right now that operate without any telemetry. Another case where the government is way too late and too stupid.
Officials say V2V has the potential to mitigate 80 percent of non-impaired crashes
Has anyone actually tested that assertion using some sort of prototype of this technology?
it hates other cars.
Is there a standard protocol for V2V? Or is there a given protocol backed by the feds? Otherwise it seems rather useless.
Currently anyone with the tech skills can make a car. Very few people do this, but it is possible and does happen. There is a known procedure for getting vehicle street legal. Now you'll also need to support V2V. What are the licensing requirements on that? Are only big companies going to be allowed to implement V2V components? Looking at history, the answer to that is yes.
Smart cars need the ability to drive themselves. This means they need to be able to handle driving when there aren't any other cars around to tell them what's around them and they need to be able to handle driving when the nearby cars are older modules without V2V and when a car has malfunctioning V2V components. So how is V2V supposed to help? If a car is turning the one behind it can see the turn signal. If a car is breaking the one behind it can see that change too as soon as it happens. Are these new V2V cars going to delay breaking so they can broadcast the "I'm going to break" message? Are they not going to instantly turn on the break lights? Cars shouldn't be traveling close enough together that they don't have time to respond to the break lights. Unless breaking is delayed to send the signal, it's faster for the other cars to see the break lights go to than decode any wireless messages and process those messages. By the time a V2V car can read the breaking message it should have already seen the car break and even if somehow that doesn't happen, cars shouldn't be traveling so close that a few miliseconds is the different between crashing and not crashing. At such a range no human would ever be able to avoid a crash and we are no where near a future with 100% smart cars on the road where such laws could actually matter.
Therefore V2V is completely pointless, except to extort money and exert control over other cars. It offers no safety features that a smart car shouldn't already be able to handle by itself.
We need more tech savy people in politics and we need people to comment on the public proposal. I read the article to see if it mentions when the proposal would be open for comments (can we get another Slashdot article then too?). I couldn't find that info. Is it open now? Anyone know? I'd like to add a comment.
However after reading I'm a little mistaken about this system. V2V is a system to warn human drivers, not automatic cars. At the moment, it doesn't directly control breaking (it certainly will be expanded to that in the future). But still, why aren't break lights good enough? How about we test this tech before mandating it on all cars? Where are the studies saying displaying pop-ups on your windshield during split-second decision making times doesn't lead to greater distractions?
requiring all new vehicles to have communication technology that allows them to "talk" to each another
To each "another"?
Here's what they might say:
Car 1: Lookout, I have an idiot controlling me.
Car 2: Yeah, steer clear of me too, the fool at the wheel is on their damned phone.
Car 3: My driver is drunk again.
Car 4: My driver is texting. I say F-it! Let's get them all together and let them all crash. Darwinism at its finest.
So if you're cruising along at 50 miles an hour, and someone goes flying by you at 120 miles an hour, cuts in front of you and slams on their brakes, the car should ignore it?
I dont see them, where is the nobody may track monitor other otherwise watch you via this. Till then it's antenna is getting clipped, hell after then it's getting clipped.
No sir I dont like it.
The internet in cars is actually a big vulnerability as well. Trying to draw an equivalency between huge, steel machines going around at dangerous speeds and computers on some desktops seems misplaced
That is a bad analogy and you should feel bad for making it. Internet security flaws makes people reinstall an OS or call their bank. Security flaws in an automobile system that can control the car can and will lead to the loss of innocent life for either profit, malice, or fun.
This is one of the rare cases where "wont someone think of the children?" is legitimate.
What useful information could this V2V actually provide that is more than provided by blinkers and brake lights?
I cannot think of anything.
You as a driver should be able to handle that as if that would happen without v2v tech, either poorly or well if a decent and aware driver. The V2V would also notice the car coming up and may even be alerted to this fact by other cars passing the info. Someone below mentioned using lider. If the car uses both systems the likelihood both could be hacked simultaneously should be extremely rare so having the car initiate braking would likely be done. How often does someone going 120 suddenly braking in front of the typical driver happen? A rare enough circumstance I would guess that if it wasn't programmed for that the driver should still be responsible for avoiding. If it was an autonomous vehicle then I would expect those situations to be accounted for.
Hopefully someone doesn't pass a semi on the right and then cut in front of you across four lanes because there's three car lengths between you and the car in front of you in the left lane, because that never happens.
People are stupid, just look at all the drivers that race in the lane that's closed in 1000 feet because of construction, and cut their way in front of those last few cars while narrowly avoiding the orange barrels.
We can't rely on government if we want freedoms and liberties for which were fought and this country was founded on. There are too few of us in the world. We need to focus on a migration movement in order to overcome the mass hysteria from "safety" issues which generally are put forth with ulterior motives in mind. From Automatic License Plate Readers (one good reason why we should do away with license plates, drivers licenses, and vehicular registration) to this they want to track us. Big government wants to be able to tax us and the technology companies are looking to profit off it. We need to end government [or get as close to it as humanly possible]. Not just shrink it. If there is no victim, no violence, no fraud, no theft, no coercion then there should be no crime.
The world is becoming a very scary place to live indeed. It's not the roads I'm afraid of its the police. It's the courts. It's the congress critters who do the bidding of large corporate entities, special interests, and industries.
It's not going to be easy- but there are people working on undoing the state. I sold a house last year, moved a business, and have gotten much more active in New Hampshire because there are others who 'think like me' here who are working together to fight government. Spread out we can't do shit. Together we can do a lot. There are 20,000+ people working on moving to New Hampshire. It's not enough to do everything we need to do. It is enough to do a lot of damage control. The state governments incarcerate the greatest number of people so focusing on local politics will have the biggest impact.
We have to start somewhere and the migration of liberty-minded people to New Hampshire is it. There are many different organizations that have sprung up supporting this migration. The Shire Society, the Free State Project, NH Liberty Lobby, and dozens of smaller groups across New Hampshire. We already have a good start with thousands of people having already migrated. Now we need to move that 20,000 number up to 40,000.
Check out NH Liberty Forum or Porcfest. The first is a conference with liberty folk from all over New Hampshire in attendance and the later is a camping festival attracting people from all over the world. Thousands of people gather in northern New Hampshire to find out what the liberty-movement is all about. Many early movers attend each years, to-be movers, and so forth. There are lots of talks, parties, and good times. This is not "libertarians" moving as most might think as the national libertarian is not a libertarian at all (they are republicans in sheep clothing), but principled libertarians so your not going to be amongst conservatives, republicans, or democrats. We want freedom in all its forms. We want to get government out of marriage, out of building a wall (except for maybe around Massachusetts, it's a joke, Massachusetts is very big on government), etc. We'd rather get rid of the boarder guards and open up free trade. End the war on drugs, end the drivers licenses, end the vehicle registrations, end the wars/military/police/and so on. We have people building new solutions for security (from apps to private security- which is possible and affordable once you end taxation and incomes double). We should all have a right to our livelihoods (not the same as a right to work, the difference is the government shouldn't be able to dictate who can and can't work via licensing/drivers licenses and so forth, but liability doesn't disappear if you go to operate on a patient, and are incompetent, nor can one expect to be incompetent, and not end up with a tarnished reputation from non-governmental review systems), etc.
These systems of licensing and tracking were sold on the basis of security- but now that we have them it's apparent and it has been for a long time that we don't really need them. There are dangers to living and if you accept that come move up to New Hampshire. If you don't please leave. We can all have the governments we want so long as we respect each others rights to come and go and don't force upon the rest our desired rules selfishly. Just move.
Buy the VIN encoded part from a junkyard for cash. You can already do this with ECMs right now. Done.
Just spoof some incorrect signals and make other cars make way for you in a traffic jam :)
Not going to argue with the idea of stupid drivers being out there. Seen my fair share. You made the arguement of 120 then slamming on brakes in front of you. Not that it doesn't happen but that it is rare for that circumstance. I would prefer V2V to make a driver aware of erratic drivers like in the case of someone coming over 4 lanes, I know I would like a heads up if that happened. I find fault with the idea unless it is perfect then it shouldn't be done mentality. Easily accounted for flaws like hackers making phantom cars appear out of no where then and the car automatically slamming on the brakes is one example. Cars with cameras in front can already break for you. Use that already existing tech to confirm the v2v signal that something has occurred that needs breaking for if need be. At least the car could advise that slowing down should be done because other cars appear to be breaking.
> How much computing power would you need to make this all happen?
Tightly programmed by folks who know what they are about? Surprisingly little. The US Air Defense system deployed in the late 1950s had regional computers that each covered several states and processed radar data from a dozen sites each, tracked several hundred aircraft, talked to adjacent regions, controlled fighters and air defense missiles, talked to manual AA sites, etc. All on computers comparable in processing power to an IBM PC-XT.
Programmed with modern technology on an Intel CPU? A hell of a lot I should think. But probably doable if you don't mind an occasional BSOD.
You can't see ANYTHING from a car, You've got to get out of the goddamned contraption and walk...Edward Abbey
Agreed until the last line...
The 120 and slamming on the brakes was the hacked signal. Does the car respond or not was the question.
We're on the same page, just different verbage. Once you have varying sensors with differing capabilities, multiple fields of view, on multiple cars, with the possibility of radio blind spots, the FMEA will dictate the car stops.
By the time the computers agree. It'll be too late.
The hackers have to win.
I've got a new and innovative idea. Let the vehicles send Javascript snippets to each other which are interpreted on receipt.
This is a really stupid move by an administration that has been utterly clueless about security. Cars talking to other cars is likely to open up a serious security hole that the nasties, from thieves to terrorists, can exploit.
You can disrupt traffic by going to hardware store, buying a large box of nails and start tossing them out the window.
Of course it'll be abused and there will need to be safe guards against it. Let's hope the engineers implementing it get the system right the first time.
Dude, do you have *any* idea how robust encryption schemes like AES, and hashes like SHA are?
Not even the NSA has the resources to bruteforce 128+ bit AES or 256+ bit SHA. If the NSA worked hand-in-hand with their Russian, Chinese, and Israeli counterparts and threw literally every computer resource at their disposal at bruteforcing AES or SHA, they MIGHT have ~50% likelihood of success after 10-25 years IF they managed to discover some as-yet undiscovered weakness. Not even organized crime, buying 100% of Amazon's on-demand computing power, could hope to bruteforce either scheme within any viable timeframe.
Modern encryption doesn't get cracked by bruteforcing keys... it gets cracked by bruteforcing people or devices with ACCESS to the keys (say, pointing a gun or court warrant at them, or obtaining physical control of a PKI hardware key's container).
This is NOT a trivial problem that script kiddies can defeat between classes and WoW tournaments. Even SHA-1 has been "compromised" only to the extent that someone with substantial resources and good luck could discover a meaningless pseudorandom chunk of data that produces the same hash as the original hashed data.
FPGAs (and GPUs) can radically compromise "Proof of Work" algorithms like Blowfish, but that's ONLY because those algorithms made assumptions about resource scarcity that Bitcoin miners have been highly-motivated to surpass. AES & SHA(-2) are entirely different beasts... THEIR hardware constraints & key length move the time scales to "longer than the Earth has existed... or with as-yet nonexistent hardware, maybe the length of recorded human civilization."
Gotcha, but that's not what I meant; I was referring to parent's "little box" and meant pulling the transponder and system out of the rolled vehicle to use nefariously. No need to build a device, when everything's already there. Just pull it apart, spoof some sensors, and it will tell vehicles whatever you want.
I can see VIN or MAC filtering, such that when a vehicle is taken out of service due to something like a rollover, its VIN/MAC is then ignored on the network...but big deal, spoof another VIN/MAC.
This is ripe for bored teenagers sitting by the highway and messing with random drivers.
My car will only say "Fuck you!" to all other cars.
After I hack my transponder to imitate an out of control 18-wheeler, that rush hour traffic will part for me like the Red Sea for Moses. Commuting will be a breeze. :)
- Necron69
I actually took a few minutes and skimmed some of the online training modules that USDOT put out for developers. There are problems, and they "sort of" admit to them. If I read this correctly, there are only ~105K possible keys, though I'd love to be wrong - otherwise this should fall to a brute-force attack in seconds. Just slam on your brakes, record the outgoing packets, and try every key until one decodes as "putting on my brakes, dude!" And now you have enough information to force any car to let you merge in, whether the driver wants to or not. Which, heck, might actually improve safety. I don't know. Could go either way.
As far as privacy, it's still pretty weak (=totally cracked). They aren't recording the MAC addresses of the cars per se, or so they say, but you could from first principles tell what factory a car came from and its approximate date of manufacture. That's useful - narrows it down to a manageable number of vehicles. Or just passively monitor an intersection with a license plate reader and record every "putting on my brakes, dude!" message. Now you have a table of license plates and MAC addresses. I can't see, frankly, that licence plate reader vendors won't sell this as an optional feature for a modest additional charge.
A big problem, and one discussed elsewhere, is that re-keying this thing is going to be a pain. It doesn't support over-the-air keying, and the intent is that a dealer will periodically re-flash new certificates/keys. That's a tall order. For this to work, cars will have to accept some pretty old keys (insert stars wars joke about older codes but they check out, above), increasing the odds they'll have to accept previously compromised keys. Which will probably be had by dumping the flash.
Anyway, the layer 1 and 2 protocols over the air are 802.11p, and what looks like a quasi-layer-3 is IEEE 1609. So get started.
Another commenter has asked about GPS errors. Looks like the standards explicitly support a very-short-range form of differential GPS and I wouldn't be surprised to see some sort of localizer used to reinitialize a Kalmann filter at some point. Pretty easy these days.
GPS fails or is not accurate enough for airplanes to rely on 100% of the time. The local Air Navigation Service Providers (ANSP) like the FAA have space based augmentation like WAAS in the US to make things better, but still not 100%. I could see cars going out of control when the GPS signals are no good. 5 cars are occupying 00'00.000" on this place in the freeway, they all jam on the brakes.
Who gets to program the kalman filters that predict the closing rates and such, they never fail. GPS only can tell you where you were when the signal came down, not where you are when it is done calculating. The Kalman filter tried to adjust to where you are when the calculations are done.
Too much Theory, and not enough Practical.
How about they just invest more money in better driver education and testing?
"Go just outside the door, signals totally fine."
That tells me your signal was being blocked, not jammed. Lots of old buildings will block signals - good solid walls, expanded metal lathe, metal-rich plaster, etc. And lots of things you can do to block a signal intentionally, mostly all completely legal. Lots of things are reasonably opaque to microwaves, not just Faraday cages.
Jamming is a completely different issue, precisely because it doesn't respect property boundaries. Turn on a jammer in your house, and it's going to interfere with phones in all the surrounding houses as well.
--- Most topics have many sides worth arguing, allow me to take one opposite you.
Profiling geeks now?
I can hear it now...
"..anyone with more than 3 devices will be considered a person of interest by default. More than 5 and they will be placed on a watch list..."
When the subsequent legislation requires that the V2V 'does the appropriate thing' and pulls off to the side of the road for Emergency Vehicles, spoofing ones vehicle as an emergency vehicle WILL become commonplace. The concept, while 'good' is truly fraught with perils not considered.
http://this.deakin.edu.au/cult...
Afraid you're underestimating - severely.
You have to plan for areas with 10s of thousands of cars.
Modern encryption algorithms are easily u[wards of 1000 clock cycles or more.
And any kind of logging to disk - lol - that's not going to happen.
You'd need about a 1GHz chip just to decrypt it all.
Then you still need to process and model the behavior of 10s of thousands of nearby cars.
The amount of Wattage you spend waste on this would probably drain your car battery as fast as your alternator could charge.
Did you think all this crap would have no carbon footprint?
It is simply not a cost effective system.
Yeah, that won't last long. Setting a fake VIN will probably be easy.
If they're not, expect people to use junkyard parts. Who are you gonna cry to when the VIN is from a totaled car sitting in the east bumf*ck scrap yard and that part was never sold to anyone.
Expect criminals and terrorists to make full use of these capabilities.
And how fast does anyone think the hackers will usurp the technology to FORCE the cars to crash?
Maybe so, but is it worth the risk of being massively fined or possibly earn an extended vacation at Club Fed? Between signal triangulation and highway video surveillance, it would probably be trivial for law enforcement to catch someone doing this.
No, it'll be used to tax you first, then the cops will get their remote shut off.
Signal triangulation? That would require constant surveillance by multiple dozens of antennas per mile of road as the signal would only be on for a fraction of a second.
As for "is it worth the risk", bear in mind we live in a world where dumbasses shoot at cars from the ditch and throw cinder blocks off overpasses at cars for shits and grins. Those people aren't thinking about risk, just mischief or worse.
Don't forget they were testing this tech out on people like Michael Hastings, who they killed.
Someone high up don't like you? They can now mandatory suicide you because your car will have this "nice tech"
Then when the car happens to burst into flames it not only ensures the target is terminated, it conveniently destroys all traces of tampering, AND has the added benefit of making future whistleblowers think twice before embarrassing someone important. All completely plausible. Even if there is suspicion of tampering, just blame foreign hackers.